To enable your users to authenticate, you create user accounts and groups. When a user connects to the authentication portal with a web browser on a computer or smart phone and authenticates to the Firebox or XTM device, the user credentials and computer IP address are used to find whether the configuration includes a policy that applies to the traffic that the computer sends and receives.
To create a Firebox user account:
After you have added a user to a group and created policies to manage the traffic for the user, the user can open a web browser on a computer or smart phone to authenticate to the Firebox or XTM device.
If you have configured the Firebox or XTM device with an IPv4 or an IPv6 address, you can use either the IPv4 or the IPv6 address to authenticate to the device over port 4100.
To authenticate with an HTTPS connection to the XTM device over port 4100:
If the credentials are valid, the user is authenticated.
Firewall authentication takes precedence over Single Sign-On, and replaces the user credentials and IP address from your Single Sign-On session with the user credentials and IP address you select for Firewall authentication. For more information about how to configure Single Sign-On, see About Single Sign-On (SSO).
About User Authentication
Add Policies to Your Configuration